Controllerless Networks

Reply
Contributor II
Posts: 65
Registered: ‎12-09-2013

IAP Portal 802.1x issues%0D%0A

Im using IAP on the latest code. I setup my ssid to use radius for 802.1x auth. On Radius, I have EAP with a self signed cert. On a windows client, I create the wireless network, turn off "validate Cert" until I get a 3rd party one, and connect using WPA2 Enterpise. I get connected fine. Then I convert the SSID to guest, create a authenticated captive portal, point auth to radius and login keeps failing with the below error. What am I missing? 

 

Contact the Network Policy Server administrator for more information.

 

User:

                Security ID:                                          redbull\RSmith

                Account Name:                                   rsmith

                Account Domain:                                               redbull

               

Client Machine:

                Security ID:                                          NULL SID

                Account Name:                                   -

                Fully Qualified Account Name:        -

                OS-Version:                                          -

                Called Station Identifier:                   aca31ec7b99c

                Calling Station Identifier:                  c4b301bb0dc1

 

NAS:

                NAS IPv4 Address:                              192.168.174.250

                NAS IPv6 Address:                              -

                NAS Identifier:                                     -

                NAS Port-Type:                                    Wireless - IEEE 802.11

                NAS Port:                                              0

 

RADIUS Client:

                Client Friendly Name:                        Aruba

                Client IP Address:                                                192.168.174.250

 

Authentication Details:

                Connection Request Policy Name: NAP 802.1X (Wireless)

                Network Policy Name:                      Aruba

                Authentication Provider:                  Windows

                Authentication Server:                      SDDC02.off.redbull.edu

                Authentication Type:                         PAP

                EAP Type:                                             -

                Account Session Identifier:                               -

                Logging Results:                                  Accounting information was written to the local log file.

                Reason Code:                                       66

                Reason:                                                 The user attempted to use an authentication method that is not enabled on the matching network policy.

 

 

MVP
Posts: 4,301
Registered: ‎07-20-2011

Re: IAP Portal 802.1x issues

You need to enable PAP authentication in NPS/IAS policy for that to work

Get Outlook for iOS
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Contributor II
Posts: 65
Registered: ‎12-09-2013

Re: IAP Portal 802.1x issues

[ Edited ]

I did enable it. Under authentication in the network policy on NPS. The check box under MSChap section. I also enabled EAP and EAP settings.. 

Also, why is it using PAP. I want EAP only. Could EAP not be working becouse its doesn’t have a trusted Cert so PAP is being used instead?

Guru Elite
Posts: 21,279
Registered: ‎03-29-2007

Re: IAP Portal 802.1x issues

Pap is the only thing that works with Captive Portal.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: